"num" parameter and expected output buffer size in EVP_CipherUpdate
Michel
michel.sales at online.fr
Thu Dec 15 20:19:27 UTC 2022
> This gives a range and I'm looking for exact value.
Ha, OK. I missed that.
But don't you think that an exact value smaller than the
cipher block size might look like an hazardous 'optimization',
for a very hypothetical gain ?
I don't know much about EVP_CIPHER_CTX_num() use case,
looks new to me (OpenSSL version > 3 ?),
sorry.
Regards,
Michel.
-----Message d'origine-----
This gives a range and I'm looking for exact value. That value can be
calculated using Matt's description [0]. I'm wondering if that can be
done without keeping external state, just using cipher API.
The "num" parameter looked like exactly what I was looking for but
either I'm holding it wrong or I misunderstood its purpose.
The use case I have in mind is to provide safe API that checks if the
client provided buffer big enough for next call to CipherUpdate. In some
cases, for example when encrypting data block by block by the client,
the output buffer of one block is sufficient.
I hope that clarifies the use case I have in mind.
Have a nice day!
Kind regards,
Wiktor
[0]:
https://mta.openssl.org/pipermail/openssl-users/2022-November/015623.html
More information about the openssl-users
mailing list